Re: monit – can't connect from browser

Gutten Abend, Burkhard --

I can't connect with the canonical name:
https://jupiter.obliqueuniverse.org:2812

You don't forward this port, I connected to you public IP and receive your
Apache welcome page. (http://207.237.37.110/apache2-default/DNS works
also)

I have my Dell Truemobile 2300 router configured to forward
207.237.37.110:2812 to 192.168.2.2:2812

"Failed to Connect"
"Firefox can't established a connection to the server at
jupiter.obliqueuniverse.org:2812"

As I said you haven't open this port on your public IP.
You'll probably still need a DNAT rule in your iptables configuration.

This is my first encounter with iptables. I looked at the man page,
and the learning curve looks steep. Without further study, I can't
tell what the command to create the rule should look like.

Can you advise me on this?

Is there a tutorial on how to use iptables that is perhaps more
descriptive than the man page?

This are your reachable ports from outside:

20/tcp closed ftp-data
21/tcp open   ftp
22/tcp open   ssh
53/tcp open   domain
80/tcp open   http

All of these ports are listed in the port forwarding table for the
Dell router. I'm not sure why port 20 shows as "closed", since I have
both ports 20 and 21 forwarded from 207.237.37.110 to the ftp server
on 192.168.2.2.

Does this also have to do with a DNAT rule in iptables?

I notice that I *also*  can't connect to the FTP server, Apache, or
ISPConfig using the FQDN.
I can connect *only* using the NAT address 192.168.2.2 (whether from
the Windows machine (192.168.2.3) or another computer running Linux
(192.168.2.5) on my LAN.)

check via host or nslookup your name entries it should be similar like
this:

host jupiter.obliqueuniverse.org
jupiter.obliqueuniverse.org has address 207.237.37.110

- - - - - - - - - - - - - - - - - - - - - - - - - - -
On my Windows machine (192.168.2.3), which *does not know* about the
DNS server on 192.168.2.2:

nslookup 207.237.37.110

Server: ns2.dns.rcn.net
Address: 207.172.3.9

Name: obliqueuniverse.org
Address: 207.237.37.110

nslookup obliqueuniverse.org

Server: ns2.dns.rcn.net
Address: 207.172.3.9

Non-authoritative answer:
Name: obliqueuniverse.org
Address: 207.237.37.110
- - - - - - - - - - - - - - - - - - - - - - - - - - -
On jupiter (192.168.2.2) itself:

# hostname
jupiter.obliqueuniverse.org

# nslookup 207.237.37.110

Server: 192.168.2.2
Address: 192.168.2.2#53

110.37.237.207.in-addr.arpa name = obliqueuniverse.org.

# nslookup obliqueuniverse.org

Server: 192.168.2.2
Address: 192.168.2.2#53

Name: obliqueuniverse.org
Address: 207.237.37.110
- - - - - - - - - - - - - - - - - - - - - - - - - - -

Try traceroute to 207.237.37.110 you should usually see that your
packet goes via your gateway to your server outside, otherwise you nee to
check your /etc/hosts and/or your local DNS if available.

On 192.168.2.2:

# traceroute 207.237.37.110
1 obliqueuniverse.org (207.237.37.110) 0.778 ms 0.726 ms
0.654 ms

# traceroute obliqueuniverse.org
1 obliqueuniverse.org (207.237.37.110) 0.800 ms 0.721 ms
0.648 ms

It looks like you can't run traceroute from Windows XP (or else I just
don't know how).
- - - - - - - - - - - - - - - - - - - - - - - - - - -

cat /etc/apache2/sites-enabled/001-default | grep DocumentRoot

As I see you use debian you it should be /var/www but if you didn't touch
the rewrite rule then you'll bee redireted to /var/www/apache2-default.

I put an index.html file in /var/www and restarted apache, but I still
get the "Test Page for Apache installation" . I moved the index.html
to /var/www/apache2-default, and I still get the test page. I looked
at apache2.conf to see if there is something I need to reconfigure,
but I can't see anything.

Thanks again for your help!

Best Regards,
Vwaju
.

Relevant Pages

  • Hacker problem...Takes down apache?
    ... It seems to be doing *something* to break Apache in an attempt ... When connecting to port 80 on the web server with a web browser a "page ... However sockstat still shows httpd listening on port ...
    (freebsd-questions)
  • Re: Attaching DHCP Server Management to Fixed TCP Port
    ... there may be enough ways to access ur dhcp server via vpn. ...   ... management of the DHCP server by machines behind our firewall only. ... The most secure solution is one that locks the DHCP Server management port ...
    (microsoft.public.windows.server.networking)
  • RE: Some technical errors
    ... If the SMTP server is not running on port 25 TCP it is not a public ... Manager - Computer Assurance Services BDO Chartered Accountants & ...
    (Security-Basics)
  • Re: still having problems contacting the apache server
    ... I think I have narrowed this down to a port issue is there a way to actually change the port with in Apache. ... Firefox can't establish a connection to the server at pilotalk.dyndns.biz. ...
    (Fedora)
  • Re: Rogue PHP file
    ... Of course none of them will admit to installing Apache ... used by another program" I ran netstat -ano and found Apache on port 80. ... are not running a public web server on your SBS (and you should NOT ...
    (microsoft.public.windows.server.sbs)
Loading